--- a/javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java Wed Sep 01 12:33:18 2010 +0100
+++ b/javacommons/security/javasrc/com/nokia/mj/impl/security/midp/authentication/AuthenticationModule.java Tue Sep 14 21:06:50 2010 +0300
@@ -266,14 +266,14 @@
* (if applicable)
* @param appJARPath the path to the JAR being authenticated
*/
- public void authenticateJar(
- StorageSession storageSession,
+ public AuthenticationCredentials[] authenticateJar(
Uid msUID,
Uid oldMSUID,
String appJARPath,
boolean drmContent)
{
AuthenticationStorageData data = null;
+ Credentials selectedCredentials = null;
try
{
Vector allAuthCredentials = (Vector)iAuthCredentials.get(msUID);
@@ -307,15 +307,15 @@
null /*validatedChainIndexes*/,
null /* jarPath*/,
iSecurityWarningsMode);
+ selectedCredentials = new Credentials(
+ data.getProtectionDomain(),
+ data.getProtectionDomainCategory(),
+ jarHash,
+ null /* root hash */,
+ -1 /* validated chain index*/,
+ null /* signing cert */);
verifyUpdate(
- new Credentials[] {new Credentials(
- data.getProtectionDomain(),
- data.getProtectionDomainCategory(),
- jarHash,
- null /* root hash */,
- -1 /* validated chain index*/,
- null /* signing cert */)
- },
+ new Credentials[] {selectedCredentials},
oldMSUID);
}
else
@@ -328,7 +328,7 @@
String jarHashValue = null;
String rootHashValue = null;
Vector validatedChainIndexes = new Vector();
- Credentials selectedCredentials = selectCredentials(jarHash, allAuthCredentials, validatedChainIndexes);
+ selectedCredentials = selectCredentials(jarHash, allAuthCredentials, validatedChainIndexes);
if (selectedCredentials == null
|| selectedCredentials.getProtectionDomainName() == null)
{
@@ -378,8 +378,6 @@
validatedChainIndexes,
iSecurityWarningsMode);
}
-
- writeAuthenticationStorageData(storageSession, msUID, data, (oldMSUID != null && oldMSUID.equals(msUID)));
}
finally
{
@@ -389,17 +387,18 @@
iSelectedAuthCredentials.put(msUID, data);
}
}
+ return new AuthenticationCredentials[] {selectedCredentials};
}
/**
*/
- public void authenticateJar(
- StorageSession storageSession,
+ public AuthenticationCredentials[] authenticateJar(
Uid uid,
Uid oldUid,
ProtectionDomain protectionDomain,
String appJARPath)
{
+ Credentials selectedCredentials = null;
if (protectionDomain == null
|| (!protectionDomain.equals(ProtectionDomain.getManufacturerDomain())
&& !protectionDomain.equals(ProtectionDomain.getOperatorDomain())
@@ -438,18 +437,20 @@
null /*validatedChainIndexes*/,
null /* jarPath*/,
iSecurityWarningsMode);
+ selectedCredentials = new Credentials(
+ data.getProtectionDomain(),
+ data.getProtectionDomainCategory(),
+ jarHash,
+ null /* root hash */,
+ -1 /* validated chain index*/,
+ null /* signing cert */);
verifyUpdate(
- new Credentials[] {new Credentials(
- data.getProtectionDomain(),
- data.getProtectionDomainCategory(),
- jarHash,
- null /* root hash */,
- -1 /* validated chain index*/,
- null /* signing cert */)
- },
+ new Credentials[] {selectedCredentials},
oldUid);
- writeAuthenticationStorageData(storageSession, uid, data, (oldUid != null && oldUid.equals(uid)));
+ iSelectedAuthCredentials.put(uid, data);
+
+ return new AuthenticationCredentials[] {selectedCredentials};
}
/**
@@ -581,6 +582,24 @@
}
/**
+ * Writes to storage all the security data related to a certain MIDlet suite
+ *
+ * @param sessionID the JavaStorage session to be used when
+ * writing the security data into storage
+ * @param msUID the UID if the MIDlet suite whose security data is
+ * being written
+ */
+ public void addSecurityData(StorageSession storageSession, Uid msUID, Uid oldMsUID)
+ {
+ Logger.log("Write authentication data to storage");
+ AuthenticationStorageData authStorageData =
+ (AuthenticationStorageData)iSelectedAuthCredentials.remove(
+ msUID);
+ writeAuthenticationStorageData(storageSession, msUID, authStorageData,
+ (oldMsUID != null && oldMsUID.equals(msUID)));
+ }
+
+ /**
* Returns the details of the certificates used for authenticating a
* MIDlet suite. This method is used at installation time.
*
@@ -661,31 +680,20 @@
* @param aMediaId the identifier of the media where the MIDlet
* suite is installed
*/
- public void setMediaId(StorageSession aStorageSession, Uid aMsUid, int aMediaId)
+ public void setMediaId(Uid aMsUid, int aMediaId)
{
// store the jar hash only if the suite was installed on a non-protected media
if (isDriveProtected(aMediaId))
{
- SecurityStorage storage = new SecurityStorage(aStorageSession);
- try
+ AuthenticationStorageData authStorageData =
+ (AuthenticationStorageData)iSelectedAuthCredentials.get(
+ aMsUid);
+ if (authStorageData != null)
{
- AuthenticationStorageData authStorageData =
- (AuthenticationStorageData)iSelectedAuthCredentials.get(
- aMsUid);
- if (authStorageData != null)
- {
- Logger.log("Suite installed on protected media -> the runtime tamper detection is disabled");
- authStorageData.setJarHashValue(null);
- storage.writeAuthenticationStorageData(aMsUid,
- authStorageData,
- true /* this is an update */);
- }
+ Logger.log("Suite installed on protected media -> the runtime tamper detection is disabled");
+ authStorageData.setJarHashValue(null);
+ iSelectedAuthCredentials.put(aMsUid, authStorageData);
}
- finally
- {
- iSelectedAuthCredentials.remove(aMsUid);
- }
-
}
}
@@ -833,13 +841,13 @@
&& authStorageData.getJarHashValue().length() > 0)
{
Logger.log(" Doing tamper detection");
- String computedJarHash = null;
+ String computedJarHash = null;
try
{
computedJarHash = _computeHash(authStorageData.getJarPath());
- }catch(AuthenticationException e)
+ }catch(AuthenticationException e)
{
- if (e.getErrorCode()
+ if (e.getErrorCode()
== AuthenticationException.JAR_NOT_FOUND)
{
Logger.logWarning(" Jar not found while trying to compute hash");